web-security

simongray 2020-11-23T10:04:10.029400Z

I’m adding rate-limiting to my Pedestal web service using the Jetty DoSFilter. What are some good default values to use? The filter itself comes with a set of defaults defined at the bottom of this page, but I’m inclined to think that blocking an offender is a better default than simply delaying the response by 100ms: https://www.eclipse.org/jetty/documentation/current/dos-filter.html What are your thoughts on this?

simongray 2020-11-23T10:06:31.030Z

And your thoughts on the default parameters listed in general?